Fixed #26235 -- Handled ProtectedError in a POST to admin's delete_view().

2016-03-21 16:20:30 +05:30 · 2016-03-21 16:20:30 +05:30 · 49ac10b4de
parent abf07355aa
commit 49ac10b4de
2 changed files with 13 additions and 1 deletions
--- a/django/contrib/admin/options.py
+++ b/django/contrib/admin/options.py
@ -1684,7 +1684,7 @@ class ModelAdmin(BaseModelAdmin):
        (deleted_objects, model_count, perms_needed, protected) = get_deleted_objects(
            [obj], opts, request.user, self.admin_site, using)

-        if request.POST:  # The user has already confirmed the deletion.
+        if request.POST and not protected:  # The user has confirmed the deletion.
            if perms_needed:
                raise PermissionDenied
            obj_display = force_text(obj)
--- a/tests/admin_views/tests.py
+++ b/tests/admin_views/tests.py
@ -2062,6 +2062,18 @@ class AdminViewDeletedObjectsTest(TestCase):
            '<li>Answer: <a href="%s">Yes.</a></li>' % reverse('admin:admin_views_answer_change', args=(a2.pk,))
        )

+    def test_post_delete_protected(self):
+        """
+        A POST request to delete protected objects should display the page
+        which says the deletion is prohibited.
+        """
+        q = Question.objects.create(question='Why?')
+        a = Answer.objects.create(question=q, answer='Because.')
+
+        response = self.client.post(reverse('admin:admin_views_question_delete', args=(q.pk,)), {'post': 'yes'})
+        self.assertEqual(Question.objects.count(), 1)
+        self.assertContains(response, "would require deleting the following protected related objects")
+
    def test_not_registered(self):
        should_contain = """<li>Secret hideout: underground bunker"""
        response = self.client.get(reverse('admin:admin_views_villain_delete', args=(self.v1.pk,)))